-
漏洞讨论

tcpdump is prone to a remote buffer overflow condition which occurs when handling malformed NFS packets. This may allow a remote attacker to cause arbitrary instructions to be executed with the privileges of the tcpdump process.

It has not been established that this issue is exploitable to execute arbitrary code, but it may result in a denial of service to tcpdump.

-
漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com &lt;mailto:vuldb@securityfocus.com&gt;.

-
解决方案

FreeBSD has made a patch available. If it cannot be installed, administrators are advised to upgrade vulnerable systems to 4.6-STABLE; or to the RELENG_4_6, RELENG_4_5, or RELENG_4_4 security branch dated after the correction date in the advisory (4.6-RELEASE-p2, 4.5-RELEASE-p8, or 4.4-RELEASE-p15).

MandrakeSoft has released an advisory. Information about obtaining and applying fixes are available in the referenced advisory.

OpenPKG has released an advisory OpenPKG-SA-2004.002 to address this and other issues. Please see the referenced advisory for more information.